"Encrypted SSL connections between employees and external Internet applications have become a growing security risk and a new conduit for viruses, spyware, rogue applications and other threats to the corporate network," said William Rocholl, global head of strategy and engineering, telecom and network services for ABN AMRO, an international bank with operations in more than 60 countries. "We need a solution to provide visibility into this traffic, and the ability to protect and control it without introducing network bottlenecks."

Most enterprise SSL traffic comprises business-critical applications now outsourced on the Internet, such as customer relationship management sites, travel booking, human resources/benefits and expense management. While these applications use SSL to protect the confidentiality of data for the enterprise, the encrypted traffic introduces a critical problem for the enterprise. SSL traffic eludes inspection or control by the organization, creating a significant internal Information Technology (IT) "blind spot" for security threats and an open door for rogue applications not sanctioned by company policy. Traveling unmonitored and unchecked through the firewall's fully open port 443, threat traffic has formed a new highway for enterprise vulnerability.

Blue Coat's SSL proxy enables organizations to stop malware, including viruses and spyware, from infiltrating their networks through encrypted tunnels. It can deny threats from secured phishing attempts that now utilize SSL explicitly as a cloaking mechanism. It can also govern what encrypted applications the organization will allow to communicate externally. Since much of SSL traffic is business-critical, companies cannot afford any performance degradation due to inspection. Rather than degrade performance, Blue Coat's ProxySG platform actually boosts SSL-encrypted application performance by as much as 10X through the use of its patented object pipelining and caching technology.

"Enterprises have been completely blind to their users' SSL traffic," said David Passmore, research director for Burton Group. "Companies would like to have the same level of visibility and control of SSL traffic as they do with non-encrypted traffic. With SSL usage rising rapidly and security threats proliferating, products like Blue Coat's SSL proxy may fill a significant enterprise need."

SSL Proxy for the User, Not SSL Offload for the Web Server To date, corporations only have visibility and control over SSL communication when they own the application and can terminate connections to and from it. Blue Coat has provided SSL offload and termination for enterprise-run applications since 1999. Prior to the release of Blue Coat's new SSL proxy, enterprise user SSL communications out to the Internet have eluded IT visibility and control. With the new Blue Coat functionality, corporations can now terminate, inspect, impose policy and block or re-issue users' encrypted traffic.

"The SSL blind spot and wide open door of port 443 on the firewall is yet another example of why enterprises should not allow users to connect directly to the Internet without going through a proxy," said Steve Mullaney, vice president of marketing for Blue Coat Systems. "The Internet brings tremendous value, but it can also be a cesspool, introducing significant security risks to the business. With our new SSL proxy functionality, Blue Coat can close a major security hole for enterprises."

The Power of the Proxy
Blue Coat's proxy appliances have the unique ability to strike the optimal balance between user empowerment and IT control. Because a proxy terminates application protocols, it has comprehensive understanding of the user-to-application interaction and its context. As a result, proxy appliances provide IT with the power to define, enforce and audit intelligent policy controls over user/application interactions. By distributing proxy appliances at key points in an enterprise infrastructure - the data center, the gateway and regional/branch offices - organizations can create a robust system architecture to protect, control and accelerate Web communications.

Price and Availability
The new SSL proxy functionality is a licensable option of the SGOS version 4.2 operating software for the ProxySG family. The new version is currently in controlled release and will ship for general availability in January 2006. The US list price starts ranges from $450 to $11,995 for the license to the software option with an add-in accelerator card.

About Blue Coat Systems
Blue Coat helps organisations make the Web safe and productive for business. Blue Coat proxy appliances provide visibility and control of Web communications to protect against risks from spyware, Web viruses, inappropriate Web surfing, instant messaging (IM), video streaming and peer-to-peer (P2P) file sharing - while actually improving Web performance. Trusted by many of the world's largest organizations, Blue Coat has shipped more than 20,000 proxy appliances. Blue Coat is headquartered in Sunnyvale, California, and can be reached at (01276) 854111 or email ukinfo AT bluecoat.com or at www.bluecoat.com

Use of this site is governed by our Terms of Use and Privacy Policy.
Copyright 1996- Ziff Davis, LLC. All Rights Reserved.
Reproduction in whole or in part in any form or medium without express written permission
of Ziff Davis, LLC. is prohibited.PCMag Digital GroupAdChoice